Somewhere I Belong Part 2

Credits: Jeff Green and James Barnett

The theory and practice of social engineering

Part 2: Walking in like the place owns us!

When Life hands you security guards, make doors open.

Assuming that it is abnormal for 2 random IT workers to show up at 1:00 am, you can still find ways to fit into your targets mind. Act like the place owns you! You are working at 1:00 am, you are probably tired or annoyed. Your boss is on the phone with you asking why it is taking so long. Your badge has never done that before. Shrug. You do not ask to be let in, your day sucks and you would love to be able to just stumble home for the night and finish tomorrow.

There are subtle differences in our communication patterns based on our level of comfort. Relaxed does not always mean you belong. Comfort is a complex thing, if we feel really comfortable with someone we may something uncomfortable that we would never say to someone we were uncomfortable with in the first place. We may be more short tempered with those we love or are used to.

We need to fit into the mind like a piece of a jigsaw puzzle. Circle goes in circle hole.

Story Time

Changes and redactions have been made in this story to protect those involved.

The inspiration for this blog post series came from a Covert Entry Red Team Engagement my partner and I were on. I will start with a little story about some work we did and follow up with what I learned from the experience. The dialogue is remembered as best I can as it was not all recorded and some things are changed to protect identities. We had done our osint, completed our physical recon, and already compromised 2 of our 4 targets. Our third was the big prize. High Security Badge Access, constant guard presence, great side and rear door security made it appear to be a really hard target. We came up with all sorts of wild schemes and at some point while we were sitting in the car together we realized we were thinking about it all wrong. I forget who, but one of us said, “We just need to walk in the front door like we own the place, what are they gonna do? …Nothing I bet.”

I thought I had the front door opened from something I had done previously.We pulled into the parking lot after midnight and walked up to the door. I was on the phone talking excitedly to my boss who was helping me stay in character, stressed out and tired. Maybe even a little bored. I scanned my badge( a drivers license in a stolen company lanyard) on the main door and reached for the handle. Nothing. Later I realized from some pictures I took I had messed up on that door by accident. Huge mistake. I tried again? ( Knowing at this point the game was up but wanting to try my hand at one more little thing) The security guard got up and walked to the door looking at us. I gesticulated and talked into the phone shrugging dejectedly. We turned and started to walk away and then the guard shouted, “ Hey, do you work here?” I turned around. “Yeah, I am on the phone with my boss now. I have to change some hard drives in the server racks asap. I have no idea why this dumb card is messed up. Makes no sense” She asked. “ You work for COMPANYNAME?” My partner speaks up. “ yeah, we are just finishing up for the day. One more job.” “Ok, come on in.” The guard trudged back to the desk after saving the day for some hapless IT workers. We walked up the stairs and into the hallway and saw through the glass doors, a miracle . We had reached the promised land! The rush was unbelievable as we slapped red stickers on the servers. I grabbed a picture of the NOC analyst on duty as we walked around the data center like the place owned us and we had better get our work done asap.

-Start StreamofConsciousness -U SecurityGuard -D HighCommand -P Hunter02
Someone parked their car in the front spot. Must be someone who thinks they are important. He is getting out. lanyard with badge. Dang I just lost my game of candycrush.
He swiped his badge and pulled on the door. Wow he looks confused. On the phone. looks stressed and annoyed. I guess I will go find out whats going on.
---Do you work here?---
---Yeah, no idea why my dang badge didnt work. Never had that problem before.---
---Do you work here?---
---Yeah, I am with IT, gotta change some hard drives asap. Sorry, boss on the phone.---
---Oh, ok, come on in---
Man they are loud people. All right. Imma crush this candycrush game now.
-End StreamofConsciousness SecurityGuard HighCommand


You are always welcome at your home. How do you know you are welcome? You just do. How do they know you are welcome? If your behaviors are a pattern that they can understand in all of the particular situations you find yourself in. Does your personality fit the time? Are you tired, bored, annoyed? Well I would hope so! It is midnight and they are used to seeing someone annoyed at having to do things at midnight. If you were happy maybe they would be a little suspicious of you. Who knows for sure. Look at your target. Are they bored? Are they annoyed? Mirroring behaviors and communication works sometimes, if all else fails.

Be consistent and have a story that is malleable. Dropping some WiFi pineapples when a guard walks up on you? No your not, your hanging wireless APs for the new faster better WiFi system.
Had to be late because disruption to the internet. So annoying. Yeah… I picked the short straw again. No, no… we are not with Wireless AP We are IT and we are hanging up wireless internet access points…

Don’t walk in like you own the place, walk in like the place owns you.

Good Luck Red Teams!